Browse Source

Merge pull request #5734 from nextcloud/only-readable-chars-in-share-tokens

Only use readable chars in Share Tokens
pull/5794/head
Joas Schilling 8 years ago
committed by GitHub
parent
commit
3ff3c338c9
  1. 2
      apps/dav/lib/CalDAV/CalDavBackend.php
  2. 3
      apps/sharebymail/lib/ShareByMailProvider.php
  3. 3
      lib/private/Share/Share.php
  4. 8
      lib/private/Share20/Manager.php

2
apps/dav/lib/CalDAV/CalDavBackend.php

@ -1925,7 +1925,7 @@ class CalDavBackend extends AbstractBackend implements SyncSupport, Subscription
public function setPublishStatus($value, $calendar) {
$query = $this->db->getQueryBuilder();
if ($value) {
$publicUri = $this->random->generate(16, ISecureRandom::CHAR_UPPER.ISecureRandom::CHAR_DIGITS);
$publicUri = $this->random->generate(16, ISecureRandom::CHAR_HUMAN_READABLE);
$query->insert('dav_shares')
->values([
'principaluri' => $query->createNamedParameter($calendar->getPrincipalURI()),

3
apps/sharebymail/lib/ShareByMailProvider.php

@ -542,8 +542,7 @@ class ShareByMailProvider implements IShareProvider {
* @return string
*/
protected function generateToken($size = 15) {
$token = $this->secureRandom->generate(
$size, ISecureRandom::CHAR_LOWER . ISecureRandom::CHAR_UPPER . ISecureRandom::CHAR_DIGITS);
$token = $this->secureRandom->generate($size, ISecureRandom::CHAR_HUMAN_READABLE);
return $token;
}

3
lib/private/Share/Share.php

@ -913,8 +913,7 @@ class Share extends Constants {
$token = $oldToken;
} else {
$token = \OC::$server->getSecureRandom()->generate(self::TOKEN_LENGTH,
\OCP\Security\ISecureRandom::CHAR_LOWER.\OCP\Security\ISecureRandom::CHAR_UPPER.
\OCP\Security\ISecureRandom::CHAR_DIGITS
\OCP\Security\ISecureRandom::CHAR_HUMAN_READABLE
);
}
$result = self::put($itemType, $itemSource, $shareType, $shareWith, $uidOwner, $permissions,

8
lib/private/Share20/Manager.php

@ -583,9 +583,7 @@ class Manager implements IManager {
$share->setToken(
$this->secureRandom->generate(
\OC\Share\Constants::TOKEN_LENGTH,
\OCP\Security\ISecureRandom::CHAR_LOWER.
\OCP\Security\ISecureRandom::CHAR_UPPER.
\OCP\Security\ISecureRandom::CHAR_DIGITS
\OCP\Security\ISecureRandom::CHAR_HUMAN_READABLE
)
);
@ -603,9 +601,7 @@ class Manager implements IManager {
$share->setToken(
$this->secureRandom->generate(
\OC\Share\Constants::TOKEN_LENGTH,
\OCP\Security\ISecureRandom::CHAR_LOWER.
\OCP\Security\ISecureRandom::CHAR_UPPER.
\OCP\Security\ISecureRandom::CHAR_DIGITS
\OCP\Security\ISecureRandom::CHAR_HUMAN_READABLE
)
);
}

Loading…
Cancel
Save